Resources
PKI Disclosure
Licenses & Approvals
E-Sign
Publications
Home > Repository

VeriSign's Certification Practice Statement

Quick Summary of Important CPS Rights and Obligations

PLEASE SEE THE TEXT OF THE CPS FOR DETAILS. THIS SUMMARY IS INCOMPLETE. MANY OTHER IMPORTANT ISSUES ARE DISCUSSED IN THE CPS.


PLEASE SEE THE TEXT OF THE CPS FOR DETAILS. THIS SUMMARY IS INCOMPLETE. MANY OTHER IMPORTANT ISSUES ARE DISCUSSED IN THE CPS.
  1. This Certification Practice Statement controls the provision and use of VeriSign's public certification services [§ 1.1, § 2.1] -- including certificate application [§ 4],application validation [§5], certificate issuance [§ 6], acceptance [§ 7],use [§ 8], and suspension and revocation [§ 9].

  2. You (the user) acknowledge that (i) you have been advised to receive proper training in the use of public key techniques prior to applying for a certificate and that (ii) documentation, training, and education about digital signatures, certificates, PKI, and the PCS are available from VeriSign [§ 1.6].

  3. VeriSign offers different classes of certificates [§ 2.2]. You must decide which class(es) of certificate are right for your needs.

  4. Before submitting a certificate application [§ 4.2], you must generate a key pair [§§ 2.3.3, 4.1]and keep the private key secure from compromise in a trustworthy manner [§ 4.1.1]. Your software system should provide this functionality.

  5. You must accept [§ 7.1] a certificate before communicating it to others, or otherwise inducing their use of it. By accepting a certificate, you make certain important representations [§ 7.2].

  6. If you are the recipient of a digital signature or certificate, you are responsible for deciding whether to rely on it. Before doing so, VeriSign recommends that you check the VeriSign repository to confirm that the certificate is valid and not revoked, or suspended and then use the certificate to verify [§ 8.1] that the digital signature was created during the operational period of the certificate by the private key corresponding to the public key listed in the certificate, and that the message associated with the digital signature has not been altered.

  7. You agree to notify [§ 12.10] the applicable issuing authority upon compromise of your private key.

  8. This Certification Practice Statement provides various warranties made by VeriSign and the issuing authorities [§ 11.3]. VeriSign also has a refund policy [§ 11.1] Otherwise, warranties are disclaimed and liability is limited by VeriSign and issuing authorities [§§ 11.2 and 11.3].

  9. The NetSureSM Protection Plan,on its effective date, will provide enhanced warranty protection to subscribers of VeriSign-issued certificates who obtain certificates after the effective date. Relying parties can obtain the benefits of the NetsureSM Protection Plan by purchasing a certificate at VeriSign's Digital IDSM Center at https://digitalid.verisign.com/enroll.html. The NetSureSM Protection Plan alters the limitations of liability applicable to subscribers who obtain certificates on or after the effective date. For more information, see the NetSureSM Protection Plan at https://www.verisign.com/repository/netsure and the NetSureSM Protection Plan FAQ at https://www.verisign.com/repository/netsure_faq/.

  10. The Certification Practice Statement contains various miscellaneous provisions [§ 12], requires compliance with applicable export regulations [§12.2], and prohibits infringement [§ 12.14].

For more information, see VeriSign's web site or contact customer service.